METHODS AND APPARATUS FOR PREVENTING UNAUTHORIZED WRITE ACCESS TO A PROTECTED NON-VOLATILE STORAGE

This is a continuation of application Ser. No. 08/598,803, filed Feb. 9, 1996, now issued as U.S. Pat. No. 5,835,594.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to the field of computer systems. More specifically, the present invention relates to data security on computer systems.

2. Background Information

Existing methods of preventing unauthorized write access to non-volatile storage such as FLASH memory typically rely on secret access methods to a write enable circuit. These "secret" access methods to the write enable circuit can be reverse-engineered through the use of standard debugging hardware. Once reverse engineered, a person will be able to produce code that can write to the "protected" non-volatile storage at will. If the code is used in a malicious manner, it can be used to introduce viruses into the "protected" non-volatile storage or even destroy the content of the non-volatile storage.

Thus, it is desirable to have a more robust approach to preventing unauthorized access to non-volatile storage, in particular, an approach that does not rely on the access method not being known. As will be described in more detail below, the present invention achieves these and other desirable results.

SUMMARY OF THE INVENTION

In accordance to the present invention, an electronic signature is generated in a predetermined manner and attached to a transferable unit of write data, to facilitate authenticating the write data before allowing the write data to be written into a protected non-volatile storage. The write data is authenticated using a collection of secured authentication functions. Additionally, the actual writing of the authenticated write data into the protected non-volatile storage is performed by a secured copy utility.

The electronic signature is functionally dependent on the content of the write data, and the predetermined manner of generating the electronic signature is reproducible during write time. In one embodiment, the electronic signature is generated by the creator of the write data, by generating a digest based on the content of the write data using a message digest function, and then encrypting the generated digest with a secret private key using an encryption function.

The collection of secured authentication functions include a secured corresponding copy of the message digest function, and a secured complementary decryption function. During operation, the secured decryption function reconstitutes the original digest by decrypting the electronic signature with a secured complementary public key, while the secured copy of the message digest function generates another digest based on the content of the write data to be authenticated. The two digests are compared using a secured comparison function. If the two digests pass the comparison, the secured copy utility is invoked to copy the authenticated write data into the protected non-volatile storage, otherwise, the write data are rejected.

In one embodiment, the authentication functions are secured by copying them into a normally unavailable system management memory during system initialization. The authentication functions are invoked using a system management interrupt (SMI), which when asserted, automatically maps the system management memory into the normal system memory space. A non-volatile memory write security circuitry is provided to qualify a memory write signal provided to the protected non-volatile storage, and to generate the SMI whenever a write to the protected non-volatile storage is requested.

BRIEF DESCRIPTION OF DRAWINGS

The present invention will be described by way of exemplary embodiments, but not limitations, illustrated in the accompanying drawings in which like references denote similar elements, and in which:

FIGS. 1 and 2 illustrate the essential elements of the present invention, and their interrelationships with each other;

FIG. 3 illustrates an exemplary computer system incorporated with the teachings of the present invention on securing the authentication functions;

FIG. 4 illustrates the system BIOS, and for one embodiment, the operating system of the exemplary computer system in further detail;

FIG. 5 illustrates the FLASH security circuitry of FIG. 3 in further detail;

FIG. 6 illustrates execution flow of the exemplary computer system under a system management mode; and

FIG. 7 illustrates one embodiment of the execution flow for writing into FLASH memory.

DETAILED DESCRIPTION OF THE INVENTION

In the following description, for purposes of explanation, specific numbers, materials and configurations are set forth in order to provide a thorough understanding of the present invention. However, it will be apparent to one skilled in the art that the present invention may be practiced without the specific details. In other instances, well known features are omitted or simplified in order not to obscure the present invention. Furthermore, for ease of understanding, certain method steps are delineated as separate steps, however, these separately delineated steps should not be construed as necessarily order dependent in their performance.

Referring now to FIGS. 1 and 2, two block diagrams illustrating the essential elements of the present invention, and their interrelationships to each other are shown. As illustrated, a transferable unit of non-volatile storage write data 100 is provided with an electronic signature 102 to facilitate authenticating write data 100 prior to allowing write data 100 to be written into a non-volatile storage. Preferably, electronic signature 102 is "attached" to write data 100. Examples of a transferable unit include a file, or a block, whereas examples of non-volatile storage include FLASH memory or erasable programmable read-only-memory (EPROM). Examples of write data are system basic input/output service (BIOS) updates, such as additions, deletions and modifications. For many applications, it is expected that electronic signature 102 is generated and "attached" to write data 100 at the time write data 100 is created.

For the illustrated embodiment, electronic signature 102 is generated by encrypting a reference digest 104 with a secret private key 106 using an encryption function 108. The reference digest 104 is generated using a message digest function 110. In other words, the content of reference digest
104 is functionally dependent on the content of write data 100. Accordingly, the content of electronic signature 102 is also functionally dependent on the content of write data 100.

At write time, a secured corresponding copy of message digest function 112 generates a "new" digest 114 in real time. At the same time, a secured complementary decryption function 116 reconstitutes original reference digest 104 by decrypting electronic signature 102 using secured complementary public key 118. The two digests 104 and 114 are provided to a secured comparison function 120 to determine if they are identical. The two digests 104 and 114 are identical if write data 100 is authentic, since both digests 104 and 114 are functionally dependent on the contents of write data 100, generated by copies of the same message digest function 110 and 112, and the encryption were decrypted in a complementary manner. If the two digests 104 and 114 compared successfully, a secured copy function 122 is notified to perform the actual writing into the protected non-volatile storage, otherwise the write data is rejected.

Encryption and decryption functions 108 and 116 may implement any one of a number of private/public key encryption/decryption techniques known in the art. Similarly, message digest function 110/112 may also implement any one of a number of message digest techniques known in the art. For further information on private/public key encryption/decryption techniques, see e.g. Hellman et al., Public Key Cryptographic Apparatus and Method, U.S. Pat. No. 4,218,582, and Rivest et al., Cryptographic Communications System and Method, U.S. Pat. No. 4,405,829; and for further information on message digest, see e.g. Method for Identifying Subscribers and for Generating and Verifying Electronic Signatures in a Data Exchange System, U.S. Pat. No. 4,995,082, and Rivest, The MD5 Message Digest Algorithm, Request For Comment (RFC) 1321, Apr.

Creation of electronic signature 102 and associating it with write data 100 as described above, may be practiced in any number of computer systems known in the art, provided they are equipped to store and execute message digest function 110 and encryption function 108. It is anticipated that for most applications, creation of electronic signature 102 will be practiced on the same computer system where write data 100 is created. For example, for the above mentioned system BIOS update application, it is anticipated that the system BIOS updates and electronic signature 102 will be generated and associated at the same time and on the same computer system.

FIG. 3 illustrates an exemplary computer system 200 incorporated with the teachings of the present invention on authenticating write data before allowing the write data to be written into a protected non-volatile storage. Exemplary computer system 200 includes processor 212, processor bus 214, cache memory 216, memory controller 218, and a plurality of other memory units 220-224 coupled to each other as shown. Other memory units 220-224 include main memory 220, system management memory 222, and FLASH memory 224. In accordance to the present invention, exemplary computer system 200 includes in particular FLASH security circuitry 226. Additionally, computer system 200 includes bridge circuits 228a-228b, high performance and standard (input/output) I/O buses 230a-230b, general purpose I/O (GPIO) ports 232, hard and diskette storages 234-236, keyboard and cursor control device 238, and display 240, coupled to each other and the above enumerated elements as shown.

For the illustrated embodiment, buses 214, 230a and 230b are disposed on motherboard 242. Elements 212, 216-226, 228a-228b and 232 are either removably interconnected to motherboard 242 via sockets (not shown) or "soldered" onto motherboard 242, whereas elements 234-238 are coupled to motherboard 242 through cables and connectors (not shown).

Processor 212 performs the conventional function of executing code. Processor 212 is equipped to execute code in multiple modes including a system management mode (SMM). Processor 212 is also equipped to respond to a wide variety of interrupts, including a system management interrupt (SMI), which places processor 212 in SMM. Memory controller 218 and volatile memory units 216, 220 and 222 perform the conventional functions of controlling memory access, and providing execution time storage respectively. In particular, for each write access to memory, memory controller 218 generates a write signal for the addressed memory. Memory controller 218 normally does not map system management memory 222 as part of the normal system memory space. System management memory 222 is mapped into the system memory space, when processor 212 enters SMM. Furthermore, except for system initialization, processor mode transition, and execution in SMM, system management memory 222 is write disabled.

FLASH memory 224 performs its conventional function of providing non-volatile storage. In particular, FLASH memory 224 stores system BIOS. During system initialization, the bulk of the system BIOS that are not security sensitive are loaded into main memory 220, whereas the remaining system BIOS (including in particular write data authentication functions) that are security sensitive are loaded into system management memory 222. FLASH security circuit 226 protects FLASH memory 224 from unauthorized write accesses, by keeping FLASH memory 224 write disabled and generating an SMI to invoke the secured system BIOS write data authentication functions in system management memory 222 to authenticate the write data, whenever it enables FLASH memory 224 for a write access. General purpose I/O ports 232 also perform their conventional functions for providing I/O ports to a variety of peripherals. In particular, one of the I/O ports is used to notify FLASH security circuit 226 of a write request to FLASH memory 224. The write request is denoted by writing to a corresponding register of the I/O port using a standard I/O instruction of exemplary computer system 200.

Hard disk storage 234 also performs the conventional function of providing non-volatile storage. In particular, hard disk storage 234 stores the operating system of exemplary computer system 200. During system initialization, the operating system is loaded into main memory 220. The other elements perform their conventional functions known in the art. Except for the particularized functions and/or requirements, all enumerated elements are intended to represent a broad category of these elements found in computer systems.

FIG. 4 illustrates system BIOS and operating system of exemplary computer system 200 in further detail. As shown, system BIOS 260 includes init function 262, FLASH copy utility 264, message digest function 266, decryption function 268, public key 270, digest comparison function 272, SMI handler 274 and read/write service 276, whereas, for some embodiments, operating system 250 includes FLASH utility 252.

Init function 262 initializes system BIOS 260 during system initialization, including loading FLASH copy utility 264, message digest function 266, decryption function 268, public key 270, digest comparison function 272, and SMI
handler 274 into system management memory 222. As described earlier, system management memory 222 is normally not mapped into the system memory space, unless a SMI is triggered placing processor 212 in SMM, and system management memory 222 is write disabled except for initialization, processor mode transition, and execution in SMM. Accordingly, these system BIOS functions are secured from malicious modification.

SMI handler 274 services SMIs, invoking other functions (including the write data authentication functions) as necessary, depending on the cause of a particular SMI. As will be described in more detail below, SMI handler 274 is given control upon entry into SMM. As described earlier, message digest 266 generates a digest in real time for the write data of a FLASH write request, in accordance to the content of the write data, and decryption function 268 decrypts the electronic signature "attached" to the write data of the FLASH write request using public key 270, to reconstitute the FLASH write data's original digest. Digest comparison function 272 compares the two digests, and finally FLASH copy utility 264 performs the actual writing of the authenticated data into FLASH memory 224. Message digest function 266, decryption function 268, digest comparison function 272, and FLASH copy utility 264 are invoked in due course by SMI handler 274 upon determining that a SMI is triggered by FLASH security circuitry 226.

Read/Write services 276 provide read and write services to I/O devices. Read/Write services 276 are among the bulk of the BIOS functions that are loaded into main memory 220 during system start up.

For some embodiments, FLASH utility 252 is included to perform various FLASH related functions including in particular copying of FLASH write data from an external source medium to a buffer in main memory 220, and then copying the FLASH write data from the buffer into FLASH memory 224 by way of read/write services 276, which invokes message digest function 266, decryption function 268, etc., to validate the FLASH write data, and if validated, FLASH copy utility 264 to perform the actual writing, to be described more fully below. Examples of such FLASH write data are system BIOS additions, deletions, and modifications described earlier, and an example of an external source medium is a diskette.

FIG. 5 illustrates FLASH security circuit 226 in further detail. As shown, FLASH security circuit 226 includes first and second drivers 278 and 280. The input (ENFW#) of first driver 278 is provided by one of the I/O ports of GPIO ports 232, whereas the output of first driver 278 is coupled to a signal line coupling a SMI trigger mechanism to processor 212. Thus, whenever GPIO ports 232 sets ENFW# active to enable write access, in response to a FLASH write request, first driver 278 causes a SMI to be triggered for processor 212.

The inputs (ENFW# and MEMW#) of second driver 280 are provided by the same I/O port of general purpose I/O ports 232 and memory controller 218 respectively, whereas the output (FLASHWE#) of second driver 280 is provided to FLASH memory 224. FLASHWE# is tri-stated. FLASHWE# becomes active, when both MEMW# and ENFW# are active. In other words, the write signal (MEMW#) from memory controller 218 is qualified by ENFW#, which at the same time through first driver 278 would cause a SMI to be triggered. Thus, the secured authentication functions stored in system management memory 222 would be invoked to authenticate the write data before allowing them to be written into FLASH memory 224.

FIG. 6 illustrates execution flow of the exemplary computer system in SMM. As shown, upon detection of an SMI, processor 212 directs memory controller 218 to switch in and map system management memory 222 as part of the system memory space, and in response, memory controller 218 performs the requested switching and mapping accordingly, step 282. Next, processor 212 saves the processor state into system management memory 222, step 284. Upon saving the processor state, processor 212 transfers execution control to pre-stored SMI handler 274, step 286. SMI handler 274 then determines the cause of the SMI and services the SMI accordingly, invoking other routines such as the authentication functions as necessary. Upon servicing the SMI, SMI handler 274 executes a Resume instruction to return execution control back to the interrupted program. In response, processor 212 restores the saved processor state from system management memory 222, step 288. Furthermore, processor 212 directs memory controller 218 to unmap system management memory 222 from the system memory space and switch out system management memory 222. In response, memory controller 218 performs the requested unmapping and switching accordingly, step 290.

As a result, the SMI is serviced in a manner that is transparent to the executing operating system, subsystems as well as applications. In other words, an SMI is a transparent system service interrupt.

FIG. 7 illustrates one embodiment of the execution flow for writing data into FLASH memory 224. As shown, in response to a write request from an application, such as FLASH utility 252 described earlier, read/write services 276 set up physical address pointers to the write data, step 302. Next, for the illustrated embodiment, read/write services 276 generate a software SMI to enter SMM and to provide the SMI handler with the physical address pointers of the write data, step 304. A software SMI is used and preferred at this point in time as opposed to the designated GPIO port 232 because FLASH memory would remain disabled during the authentication process.

Upon entry into SMM, as described earlier, SMI handler 274 is given control. Upon ascertaining the reason for the SMI, SMI handler 274 invokes message digest 266 and decryption function 268 to authenticate the write data identified by the physical address pointers, step 306. If the write data fails the authentication process, step 308, SMI handler 274 sets the appropriate error flags, step 310, clears the designated GPIO port, step 316, and exits SMM. Upon given control again, read/write services 276 returns to the caller, after performing the necessary "clean ups".

On the other hand, if at step 308, the write data passes the authentication process, SMI handler 274 enables write to FLASH memory 224, by setting the designated GPIO port 232, step 312. Once enabled, the authenticated write data are copied into FLASH memory 224, step 314. After all authenticated write data have been copied, as described earlier, SMI handler 274 clears the designated GPIO port 232, and exits SMM. Upon given control again, read/write services 276 returns to the caller, after performing the necessary "cleanups".

As described earlier, when SMI handler 274 enables write to FLASH memory 224 by way of the designated GPIO port, in addition to enabling FLASH memory 224 for write, a SMI is triggered. However, since this "new" SMI is triggered while the system is in SMM, the "new" SMI is discarded. The reason why the "new" SMI is triggered is because for the illustrated embodiment, the designated GPIO port 232
may be set outside SMM. The "automatic" SMI will ensure that the write data will be authenticated in the event that happens, preventing any possibility of bypassing the authentication process.
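As an added illustration (not code from the patent), the following Python simulation models the write flow of FIGS. 1, 2, 5 and 7 described above: signature creation by the producer, authentication by the SMM-resident handler, the FLASHWE# = MEMW# AND ENFW# qualification, and the "automatic" SMI that a write enable set outside SMM triggers. The key pair, BIOS contents and update data are constructed toy values; what the handler does on a GPIO-caused SMI with no staged request is an assumption, since the description does not spell it out.

```python
"""Simulation of the signed FLASH-write flow of the description (FIGS. 1, 2, 5, 7).

Constructed illustration, not code from the patent. Reference numerals in the
comments refer to the elements and steps named in the description.
"""
import hashlib
from dataclasses import dataclass
from typing import Optional

# Toy RSA key pair built from two Mersenne primes: a constructed stand-in for
# private key 106 / public key 118 (270). Fixed, published values like these
# are for the simulation only.
P = (1 << 127) - 1
Q = (1 << 521) - 1
N = P * Q
E = 65537                               # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent (Python 3.8+)


def message_digest(data: bytes) -> int:
    """Message digest function 110/112/266. The description cites MD5 (RFC 1321);
    SHA-256 is used here because MD5 is no longer collision resistant."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def encryption_function(digest: int) -> int:
    """Encryption function 108: the creator 'encrypts' reference digest 104 with the private key."""
    return pow(digest, D, N)


def decryption_function(signature: int) -> int:
    """Decryption function 116/268: reconstitute the digest with the public key."""
    return pow(signature, E, N)


@dataclass
class WriteUnit:
    """Transferable unit: write data 100 with electronic signature 102 attached."""
    data: bytes
    signature: int


def create_write_unit(data: bytes) -> WriteUnit:
    """Done at creation time by the producer of the BIOS update."""
    return WriteUnit(data, encryption_function(message_digest(data)))


@dataclass
class System:
    flash: bytes = b"BIOS v1 (constructed)"   # FLASH memory 224 content
    enfw: bool = False                        # designated GPIO port 232 driving ENFW#
    in_smm: bool = False                      # processor 212 in SMM?
    pending: Optional[WriteUnit] = None       # pointers to write data handed to handler 274
    error: bool = False                       # error flag, step 310
    discarded_smis: int = 0                   # SMIs raised while already in SMM

    # ---- FLASH security circuit 226 ----
    def set_gpio(self, active: bool) -> None:
        """First driver 278: ENFW# going active always triggers an SMI."""
        self.enfw = active
        if active:
            self.smi("gpio")

    def memw_to_flash(self, data: bytes) -> bool:
        """Second driver 280: FLASHWE# is active only when MEMW# and ENFW# both are."""
        if not self.enfw:
            return False                      # write signal not qualified; FLASH stays disabled
        self.flash = data
        return True

    # ---- processor 212 / SMI handler 274 ----
    def smi(self, cause: str) -> None:
        if self.in_smm:
            self.discarded_smis += 1          # the "new" SMI raised inside SMM is discarded
            return
        self.in_smm = True                    # system management memory 222 mapped in
        self.handle_smi(cause)
        self.in_smm = False                   # RSM: state restored, memory 222 unmapped

    def handle_smi(self, cause: str) -> None:
        unit, self.pending = self.pending, None
        # Assumption: on the "automatic" SMI (ENFW# set outside SMM) the handler
        # authenticates whatever request is staged; with none staged, or on failure,
        # it flags the error and withdraws the write enable (steps 310, 316).
        if unit is None or not self.authenticate(unit):
            self.error = True
            self.set_gpio(False)
            return
        self.set_gpio(True)                   # step 312; raises a second SMI, discarded
        self.memw_to_flash(unit.data)         # step 314: FLASH copy utility 264
        self.set_gpio(False)                  # clear the port before exiting SMM

    def authenticate(self, unit: WriteUnit) -> bool:
        """Steps 306/308: reconstituted digest 104 must equal freshly computed digest 114."""
        return decryption_function(unit.signature) == message_digest(unit.data)

    # ---- read/write services 276 (FIG. 7) ----
    def request_flash_write(self, unit: WriteUnit) -> bool:
        self.error = False
        self.pending = unit                   # step 302: set up pointers to the write data
        self.smi("software")                  # step 304: software SMI, FLASH still disabled
        return not self.error
```

A direct call to `memw_to_flash` outside the handler returns False because ENFW# is inactive, which is the qualification the second driver provides; the only path that sets ENFW# runs inside SMM after authentication.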

Thus, methods and apparatus for preventing unauthorized access to a protected non-volatile memory have been described. While the method and apparatus of the present invention has been described in terms of the above illustrated embodiments, those skilled in the art will recognize that the invention is not limited to the embodiments described. The present invention can be practiced with modification and alteration within the spirit and scope of the appended claims. The description is thus to be regarded as illustrative instead of restrictive on the present invention.

What is claimed is:

1. In a computer system comprising a non-volatile storage having stored therein data content, a method for protecting the non-volatile storage from unauthorized write access, the method comprising:

a) reading a plurality of associated authentication functions from the non-volatile storage, and securing the plurality of associated authentication functions on the computer system; and

b) selectively invoking the associated authentication functions to authenticate the write data of a write access to the non-volatile storage.

2. The computer implemented method as set forth in claim 1, wherein step (a) comprises securing the authentication functions in a secured portion of memory of the computer system.

3. The computer implemented method as set forth in claim 2, wherein the authentication functions of step (a) are implemented as a plurality of system basic input/output services (BIOS) of the computer system; and step (a) comprises copying the plurality of system BIOS into system management memory of the computer system during system initialization, the system management memory being normally not mapped into a normal system memory space of the computer system except when the computer system is executing in a system management mode, and the system management memory being write protected except for system initialization and system execution mode transition.

4. The computer implemented method as set forth in claim 1, wherein the associated electronic signature is generated by encrypting a first digest with a secret private key, the first digest being generated based on the content of the write data of the write access; and step (b) comprises

(b.1) invoking a secured decryption function of the secured authentication functions to reconstitute the first digest by decrypting the associated electronic signature using a secured public key complementary to the secret private key,

(b.2) invoking a secured message digest function of the secured authentication functions to generate a second digest based on the content of the write data of the write access, and

(b.3) invoking a secured digest comparison function of the secured authentication functions to determine if the write data of the write access is authentic by comparing the first and second digests.

5. The computer implemented method as set forth in claim 4, wherein step (b) further comprises step (b.4) conditionally invoking a secured copy utility of the secured authentication functions to copy the write data into the protected nonvolatile storage if the first and second digests compared successfully in step (b.3).
6. The computer implemented method of claim 4, wherein unsecuring the secured associated authentication functions (b.1) comprises issuing a system management interrupt (SMI) placing the computer system into SMM, wherein the system management memory is mapped to the normal memory space from which the associated authentication functions are selectively invoked to authenticate received data.

7. A computer system comprising:

(a) a non-volatile storage having stored therein data content;

(b) a plurality of authentication functions associated with the data content and stored in the non-volatile storage, to authenticate the write data of a write access to the non-volatile storage wherein the associated authentication functions authenticate the write data using an electronic signature which is functionally dependent on the content of the write data;

(c) a secured memory unit to store and secure the plurality of associated authentication functions when read from the non-volatile storage; and

(d) a processor coupled to the non-volatile storage and the secured memory unit to selectively invoke the associated authentication functions to authenticate the write data of a write access to the non-volatile storage.

8. The computer system as set forth in claim 7, wherein the plurality of authentication functions include

a decryption function for reconstituting a first digest by decrypting the electronic signature with a public key, the electronic signature being generated by encrypting the first digest with a secret private key in a complementary manner,

a message digest function for generating a second digest based on the content of the write data of the write access in the same manner the first digest was generated, and

a digest comparison function for determining whether the write data of the write access is authentic by comparing the first and second digests.

9. The computer system as set forth in claim 8, wherein the decryption function, the message digest function and the digest comparison function are implemented as a plurality of system basic input/output services (BIOS) of the computer system, which are copied into the secured memory unit during system initialization, the secured memory unit being normally not mapped into a normal system memory space of the computer system except when the processor is executing in a system management mode, and the secured memory unit being write protected except for system initialization and processor execution mode transition.

10. The computer system as set forth in claim 9, wherein

the non-volatile storage is a FLASH memory storage unit for storing system BIOS;

the decryption function, the message digest function, the digest encryption function and the public key are pre-stored in the FLASH memory storage unit;

the computer system further includes main memory coupled to the processor; and

the write data of the write access are system BIOS updates staged in a buffer in the main memory.

11. The computer system as set forth in claim 10, wherein the computer system further includes

a memory controller coupled to the processor, the main memory, the secured memory unit and the FLASH memory for controlling memory access;
a FLASH security circuit coupled to the memory controller and the FLASH memory for qualifying a write signal provided by the memory controller to the FLASH memory for the write access, and for generating an interrupt to place the processor in the system management mode.

12. The computer system as set forth in claim 11, wherein the computer system further includes an I/O port coupled to the processor and the FLASH security circuit for notifying the FLASH security circuit of the write access.

13. The computer system as set forth in claim 8, wherein the plurality of authentication functions further include a copy function for conditionally copying the write data of the write access into the non-volatile storage if the digest comparison function successfully compares the first and second digests.

14. The computer system of claim 7, wherein the processor enters system management mode (SMM) upon receipt of a system management interrupt (SMI), whereafter, the processor selectively invokes the associated authentication functions to authenticate received data.

15. A computer system motherboard comprising:

(a) a non-volatile memory storage unit; and

(b) system basic input/output services (BIOS) and a plurality of associated authentication functions stored in the non-volatile memory storage unit, wherein the plurality of associated authentication functions authenticate the write data of a write access to update the system BIOS using an electronic signature that is functionally dependent on the content of the system BIOS updates.

16. The computer system motherboard as set forth in claim 15, wherein the computer system motherboard further includes

(c) main memory for staging the system BIOS updates in a buffer.

17. The computer system motherboard as set forth in claim 16, wherein the computer system motherboard further includes

(d) system management memory for storing and securing the plurality of authentication functions during operation of the computer system, the plurality of authentication functions being copied into the system management memory during system initialization, the system management memory being normally not mapped into

non-volatile memory storage unit for controlling memory access;

(g) a non-volatile memory access security circuit coupled to the memory controller and the non-volatile memory storage unit for qualifying a write signal provided by the memory controller to the non-volatile memory storage unit for a write access initiated to write the system BIOS updates into the non-volatile memory storage unit, and for generating an interrupt to place the computer system in the system management mode.

20. The computer system motherboard as set forth in claim 19, wherein the computer system motherboard further includes an I/O port coupled to the processor and the non-volatile memory access security circuit for notifying the non-volatile memory security circuit of the write access.

21. The computer system motherboard of claim 17, wherein the computer system enters system management mode (SMM) upon receipt of a system management interrupt (SMI), whereafter the computer system selectively invokes the associated authentication functions to authenticate received data.

22. The computer system motherboard as set forth in claim 15, wherein the plurality of authentication functions include

a decryption function for reconstituting a first digest by decrypting the electronic signature with a public key, the electronic signature being generated by encrypting the first digest with a secret private key in a complementary manner,

a message digest function for generating a second digest based on the content of the system BIOS updates in the same manner the first digest was generated, and

a digest comparison function for determining whether the system BIOS updates are authentic by comparing the first and second digests.

23. The computer system as set forth in claim 22, wherein the plurality of authentication functions further include a copy function for conditionally copying the system BIOS updates into the non-volatile memory storage unit if the comparison function successfully compares the first and second digests.

24. A storage medium having stored thereon a plurality of executable instructions that, when executed, implement a set of system basic input/output services (BIOS) and authenticate a system BIOS update using an electronic signature associated with the system BIOS update, wherein the content of the electronic signature is functionally dependent on the content of the system BIOS update.

a normal system memory space of the computer system 25. The storage medium of claim 24, wherein the plurality 

except when the computer system is executing in a of executable instructions for authenticating a system BIOS 

system management mode, and the system manage- update may be read from the storage medium and retained 

ment memory being write protected except for system 50 in secured memory upon initialization of a host computer 

initialization and system execution mode transition. system. 

18. The computer system motherboard as set forth in 26. The storage medium of claim 25, wherein the secured 
claim 17, wherein the computer system motherboard further memory is a system management memory that is not 
comprises mapped into system memory space of the computer system 

(e) a processor coupled to the non-volatile memory stor- 55 unless lhe computer system is to execute in a system 
age and the system management memory for invoking management mode, and the system management memory is 
the authentication functions during operation of the write protected except for system initialization and system 
computer system in system management mode to . execution mode transition. 

authenticate the system BIOS updates, and to allow 27. The storage medium of claim 24, wherein the plurahty 

only authenticated system BIOS updates to be written 60 of executable instructions, when executed, implement: 

from the buffer of main memory into the non-volatile a decryption function that uses a public key to decrypt an 

memory storage unit. electronic signature to generate a first digest, 

19. The computer system motherboard as set forth in a message digest function to generate a second digest 
claim 18, wherein the computer system motherboard further based, at least in part, on the content of a system BIOS 
comprises: 65 update, and 

(f) a memory controller coupled to the processor, the main a digest comparison function for comparing the first 
memory, the system management memory and the digest to the second digest 
28. The storage medium of claim 24, wherein the plurality 
of executable instructions, when executed, further copy a 
system BIOS update into the storage medium if the digest 
comparison function indicates that the first digest and the 
second digest are complementary. 

29. A FLASH memory having stored therein a plurality of 
executable instructions that, when executed, authenticate a 
system BIOS update. 

30. The FLASH memory of claim 29, wherein the execut- 
able instructions, when executed, use a public key to decrypt 
an electronic signature to generate a first digest. 

31. The FLASH memory of claim 30, wherein the execut- 
able instructions, when executed, apply a message digest 
function to a system BIOS update to generate a second 
digest. 

32. The FLASH memory of claim 31, wherein the execut- 
able instructions, when executed, compare the first digest 
with the second digest. 
33. A FLASH memory having stored therein a plurality of 
executable instructions that, when executed, authenticate a 
BIOS update by: 

a) decrypting an electronic signature to generate a first 
digest; 

b) creating a second digest from a system BIOS update; 
and 

c) comparing the first digest with the second digest. 
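The three steps recited in claims 22, 27 and 33 (recover a first digest from the signature with the public key, compute a second digest over the staged update, compare) and the gated copy of claims 13, 23 and 28 form one small verification routine. The following is an added example written for this page, not code from the patent or from any vendor's BIOS; it assumes textbook RSA over two fixed, publicly known Mersenne primes (so it runs offline and deterministically), SHA-256 as the message digest function, and a `FlashPart` bytearray standing in for the protected non-volatile storage unit. All names (`message_digest`, `sign_update`, `decrypt_signature`, `digests_match`, `conditional_copy`, `FlashPart`) and the sample image are constructed for the illustration.

```python
"""Toy model of the BIOS-update authentication functions in the claims.

Added example, not the patent's own code: textbook RSA (no padding) over
two fixed Mersenne primes, SHA-256 as the message digest, and a bytearray
standing in for the FLASH part.
"""
import hashlib
import hmac
from typing import Optional

# Constructed toy key. p and q are the Mersenne primes 2**521-1 and
# 2**607-1, chosen only so the script runs offline and deterministically;
# a real key comes from a CSPRNG and never uses public primes.
_P = 2**521 - 1
_Q = 2**607 - 1
PUBLIC_MODULUS = _P * _Q    # n, stored alongside the system BIOS
PUBLIC_EXPONENT = 65537     # e, stored alongside the system BIOS
_PRIVATE_EXPONENT = pow(PUBLIC_EXPONENT, -1, (_P - 1) * (_Q - 1))  # d, vendor only

DIGEST_BYTES = 32  # SHA-256 output size


def message_digest(update: bytes) -> bytes:
    """Second digest: hash of the staged update content."""
    return hashlib.sha256(update).digest()


def sign_update(update: bytes) -> int:
    """Vendor side: 'encrypt' the first digest with the private key.

    Textbook RSA, so the public-key 'decryption' named in the claims is
    literally pow(signature, e, n) on the verifier side.
    """
    digest_int = int.from_bytes(message_digest(update), "big")
    return pow(digest_int, _PRIVATE_EXPONENT, PUBLIC_MODULUS)


def decrypt_signature(signature: int) -> Optional[bytes]:
    """First digest: 'decrypt' the signature with the public key.

    Returns None when the recovered value cannot be a SHA-256 digest,
    which is what a tampered or out-of-range signature yields.
    """
    if not 0 <= signature < PUBLIC_MODULUS:
        return None
    recovered = pow(signature, PUBLIC_EXPONENT, PUBLIC_MODULUS)
    if recovered >= 1 << (8 * DIGEST_BYTES):
        return None
    return recovered.to_bytes(DIGEST_BYTES, "big")


def digests_match(first: Optional[bytes], second: bytes) -> bool:
    """Digest comparison function: constant-time compare; None never matches."""
    return first is not None and hmac.compare_digest(first, second)


class FlashPart:
    """Stand-in for the protected non-volatile storage unit (constructed)."""

    def __init__(self, size: int) -> None:
        self.cells = bytearray(size)
        self.write_count = 0


def conditional_copy(flash: FlashPart, staged: bytes, signature: int) -> bool:
    """Copy function: move the staged update into FLASH only if authentic.

    The comparison gates the write, so a rejected update leaves the part
    untouched and the caller learns only accept/reject.
    """
    if len(staged) > len(flash.cells):
        return False
    if not digests_match(decrypt_signature(signature), message_digest(staged)):
        return False
    flash.cells[: len(staged)] = staged
    flash.write_count += 1
    return True


if __name__ == "__main__":
    # Constructed sample update image and its vendor-side signature.
    image = b"BIOS v1.1 constructed sample image" + bytes(range(64))
    sig = sign_update(image)
    part = FlashPart(256)
    print("genuine update accepted:", conditional_copy(part, image, sig))
    print("modified image rejected:", not conditional_copy(part, image[:-1] + b"\x00", sig))
    print("modified signature rejected:", not conditional_copy(part, image, sig ^ 1))
```

The unpadded RSA here is only a way to show the claims' "encrypt the digest with the private key, decrypt with the public key" wording as arithmetic; a production firmware verifier uses a padded signature scheme (RSA-PSS or an elliptic-curve scheme) and a signature-verify API rather than a raw modular exponentiation. The SMM-resident placement of these functions and the write-qualifying circuit from claims 17 to 20 are not modelled; the routine above is the part that would run inside the SMI handler.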

34. A storage medium having stored therein: 

a) a plurality of executable instructions that, when 
executed, present a system BIOS update for authenti- 
cation by a computer system having a non-volatile 
memory containing a BIOS; and 

b) an electronic signature for the system BIOS update. 